Lucent Sky AVM version 2203 release notes

2022/5/9 |

Lucent Sky AVM version 2203 releases

Lucent Sky AVM version 2203 MR

New features in 2203 MR

Technology stack

  • Support for Ruby
  • Compatibility improvements for ABAP, Apex, and COBOL applications

Build

  • Support for JDK applications developed with Scala
  • Support for JDK applications built with sbt

Binary analysis

  • Accuracy and compatibility improvements for applications without source code
  • Compatibility improvements for JDK web applications

Source code analysis

  • Performance and compatibility improvements for XML-based and YAML configuration files
  • General improvements for the source code analysis engines

Dependency analysis

  • Support for dependencies and software bill of material (SBOM) queries
  • Support for additional package managers
  • General improvements for the dependency analysis engines

Remediation

  • Improved update guidance for vulnerable dependencies

Intelligence

  • Real-time intelligence for remediation, dependency analysis, and automatic false positive suppression.

    With real-time intelligence, Lucent Sky AVM uses localized machine learning and proprietary real-time data to more accurately identify vulnerable software dependencies, generate Instant Fixes and dependency update guidance, and automatically suppress false positives. Some features of real-time intelligence are only available in select markets or only available to customers in the Lucent Sky AVM Preview Program. To learn more about the Lucent Sky AVM Preview Program, visit Introducing Lucent Sky AVM Preview Program.

Reporting

  • Support for hiding scan results and bulk suppression hidden results
  • Dependency information in XML reports
  • Improved localization of vulnerability information
  • Accessibility and usability improvements for PDF reports
  • Support for print quality PDF reports

Interface

  • Accessibility and usability improvements to the Web UI
  • Accessibility and usability improvements to the Eclipse plug-in and support for Eclipse 2022-03
  • Improved error handling in the CLI

Administration

  • Support for user data migration

Issues fixed in 2203 MR

  • We fixed an issue when certain I/O errors occurred during pre-analysis, the scan appears to be stuck in the pre-analysis stage
  • We fixed an issue when the instance only has certain versions of Build Tools for Visual Studio 2022 installed, scanning some .NET applications might fail due to MSBuild is not found
  • We fixed an issue where binary analysis might complete with a 'Symbol files are missing or incompatible' warning even when symbol files were included in the source code archive
  • We fixed an issue where analysis processes were terminated prematurely when process monitoring is enabled
  • We fixed an issue where the Web UI is unable to locate the analysis target
  • We fixed an issue where the 'Analysis Target' field shows 'Custom' when the analysis target was detected automatically in the HTML/PDF report

Breaking changes in 2203 MR

There is no breaking change in 2203 MR.